LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Mon Mar 18 10:52:03 EDT 2019

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today12N/AN/AN/AN/AN/A
ALL Hosts This Month 17 557 32.76 47.20 17 193 4
ALL Hosts Last Month 28 1,827 65.25 75.89 25.5 240 0
ALL Hosts This Year 76 5,333 70.17 90.37 21.5 349 0
ALL Hosts Since Logging Started 1,155 156,156 135.20 259.45 71 4,447 0
ALL Hosts Normalized Since Logging Started 1,979 56,499 28.55 148.99 8 4,253 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today12N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 12.41 4.47 17 20 4
ALL Hosts Last Month 28N/A 9.61 5.60 10 20 0
ALL Hosts This Year 76N/A 10.97 5.30 17.5 26 0
ALL Hosts Since Logging Started 1,155N/A 27.28 21.62 31 317 0
ALL Hosts Normalized Since Logging Started 1,155N/A 27.28 21.62 31 317 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 28N/A 0.00 0.00 0 0 0
ALL Hosts This Year 76N/A 0.00 0.00 0 0 0
ALL Hosts Since Logging Started 1,155N/A 0.66 1.50 0 17 0
ALL Hosts Normalized Since Logging Started 1,155N/A 0.66 1.50 0 17 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 10.47 4.02 3 16 3
ALL Hosts Last Month 28N/A 8.11 4.98 9 16 0
ALL Hosts This Year 76N/A 8.92 4.58 2 17 0
ALL Hosts Since Logging Started 1,155N/A 15.59 18.05 24 293 0
ALL Hosts Normalized Since Logging Started 1,155N/A 15.59 18.05 24 293 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 20.18 48.03 108 184 0
ALL Hosts Last Month 28N/A 56.82 75.23 164 232 0
ALL Hosts This Year 76N/A 59.72 89.74 86.5 336 0
ALL Hosts Since Logging Started 1,126N/A 90.19 244.07 3 4,304 0
ALL Hosts Normalized Since Logging Started 1,126N/A 90.19 244.07 3 4,304 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 18.24 41.82 108 152 0
ALL Hosts Last Month 28N/A 53.18 68.95 157 209 0
ALL Hosts This Year 76N/A 53.42 78.41 144 311 0
ALL Hosts Since Logging Started 1,126N/A 38.51 59.08 21 697 0
ALL Hosts Normalized Since Logging Started 1,126N/A 38.51 59.08 21 697 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 28N/A 0.00 0.00 0 0 0
ALL Hosts This Year 76N/A 0.00 0.00 0 0 0
ALL Hosts Since Logging Started 1,126N/A 1.80 15.46 0 391 0
ALL Hosts Normalized Since Logging Started 1,126N/A 1.80 15.46 0 391 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 28N/A 0.00 0.00 0 0 0
ALL Hosts This Year 76N/A 0.00 0.00 0 0 0
ALL Hosts Since Logging Started 1,155N/A 1.99 15.73 0 391 0
ALL Hosts Normalized Since Logging Started 1,155N/A 1.99 15.73 0 391 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 20.94 41.87 3 155 1
ALL Hosts Last Month 28N/A 55.21 69.30 94 211 0
ALL Hosts This Year 76N/A 55.67 78.54 211 313 0
ALL Hosts Since Logging Started 1,126N/A 43.33 60.19 26 743 0
ALL Hosts Normalized Since Logging Started 1,126N/A 43.33 60.19 26 743 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 28N/A 0.00 0.00 0 0 0
ALL Hosts This Year 76N/A 0.00 0.00 0 0 0
ALL Hosts Since Logging Started 1,126N/A 1.80 15.46 0 391 0
ALL Hosts Normalized Since Logging Started 1,126N/A 1.80 15.46 0 391 0
 
Hosts protected by BlackRidge Technologies
 
Hosts protected by an Intrusion Protection System
 
Educational Sites
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential server
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16 68 4.25 2.93 3.5 9 0
shepherd Last Month 23 397 17.26 21.87 8 78 0
shepherd This Year 65 1,566 24.09 50.05 7 319 0
shepherd Since Logging Started 1,008 33,096 32.83 47.55 10 370 0
shepherd Normalized Since Logging Started 1,008 33,096 32.83 47.55 10 370 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 4.06 2.77 3.5 9 0
shepherd Last Month 23N/A 4.04 3.07 3 13 0
shepherd This Year 65N/A 4.45 2.91 4 13 0
shepherd Since Logging Started 1,009N/A 7.12 6.40 2 49 0
shepherd Normalized Since Logging Started 1,009N/A 7.12 6.40 2 49 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 0.00 0.00 0 0 0
shepherd Last Month 23N/A 0.00 0.00 0 0 0
shepherd This Year 65N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 1,009N/A 0.11 0.39 0 4 0
shepherd Normalized Since Logging Started 1,009N/A 0.11 0.39 0 4 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 2.81 2.70 2 8 0
shepherd Last Month 23N/A 1.57 2.36 0 7 0
shepherd This Year 65N/A 2.45 2.85 1 11 0
shepherd Since Logging Started 1,008N/A 3.77 5.21 2 47 0
shepherd Normalized Since Logging Started 1,008N/A 3.77 5.21 2 47 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 0.31 0.77 0 3 0
shepherd Last Month 23N/A 13.96 21.56 12 76 0
shepherd This Year 65N/A 20.06 49.33 0 312 0
shepherd Since Logging Started 1,000N/A 18.74 36.32 17 359 0
shepherd Normalized Since Logging Started 1,000N/A 18.74 36.32 17 359 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 0.31 0.77 0 3 0
shepherd Last Month 23N/A 13.74 21.20 11 74 0
shepherd This Year 65N/A 18.09 40.59 0 225 0
shepherd Since Logging Started 1,000N/A 11.78 29.25 71.5 273 0
shepherd Normalized Since Logging Started 1,000N/A 11.78 29.25 71.5 273 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 0.00 0.00 0 0 0
shepherd Last Month 23N/A 0.00 0.00 0 0 0
shepherd This Year 65N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 1,000N/A 0.35 4.45 0 86 0
shepherd Normalized Since Logging Started 1,000N/A 0.35 4.45 0 86 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 0.00 0.00 0 0 0
shepherd Last Month 23N/A 0.00 0.00 0 0 0
shepherd This Year 65N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 1,008N/A 0.35 4.43 0 86 0
shepherd Normalized Since Logging Started 1,008N/A 0.35 4.43 0 86 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 1.44 1.06 1 5 0
shepherd Last Month 23N/A 14.87 21.45 13 75 0
shepherd This Year 65N/A 19.32 40.89 13 227 0
shepherd Since Logging Started 1,000N/A 13.81 29.81 23.5 275 0
shepherd Normalized Since Logging Started 1,000N/A 13.81 29.81 23.5 275 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 0.00 0.00 0 0 0
shepherd Last Month 23N/A 0.00 0.00 0 0 0
shepherd This Year 65N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 1,000N/A 0.35 4.45 0 86 0
shepherd Normalized Since Logging Started 1,000N/A 0.35 4.45 0 86 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS-Amazon Webservices webserver
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12 0 0.00 0.00 0 0 0
AWS Last Month 23 0 0.00 0.00 0 0 0
AWS This Year 62 0 0.00 0.00 0 0 0
AWS Since Logging Started 971 23,403 24.10 207.02 0 4,253 0
AWS Normalized Since Logging Started 971 23,403 24.10 207.02 0 4,253 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 23N/A 0.00 0.00 0 0 0
AWS This Year 62N/A 0.00 0.00 0 0 0
AWS Since Logging Started 971N/A 5.67 8.43 0 109 0
AWS Normalized Since Logging Started 971N/A 5.67 8.43 0 109 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 23N/A 0.00 0.00 0 0 0
AWS This Year 62N/A 0.00 0.00 0 0 0
AWS Since Logging Started 971N/A 0.19 0.53 0 7 0
AWS Normalized Since Logging Started 971N/A 0.19 0.53 0 7 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 23N/A 0.00 0.00 0 0 0
AWS This Year 62N/A 0.00 0.00 0 0 0
AWS Since Logging Started 970N/A 3.10 6.53 0 103 0
AWS Normalized Since Logging Started 970N/A 3.10 6.53 0 103 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 23N/A 0.00 0.00 0 0 0
AWS This Year 62N/A 0.00 0.00 0 0 0
AWS Since Logging Started 963N/A 19.95 207.06 0 4,241 0
AWS Normalized Since Logging Started 963N/A 19.95 207.06 0 4,241 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 23N/A 0.00 0.00 0 0 0
AWS This Year 62N/A 0.00 0.00 0 0 0
AWS Since Logging Started 963N/A 5.27 15.26 0 170 0
AWS Normalized Since Logging Started 963N/A 5.27 15.26 0 170 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 23N/A 0.00 0.00 0 0 0
AWS This Year 62N/A 0.00 0.00 0 0 0
AWS Since Logging Started 963N/A 0.18 3.07 0 84 0
AWS Normalized Since Logging Started 963N/A 0.18 3.07 0 84 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 23N/A 0.00 0.00 0 0 0
AWS This Year 62N/A 0.00 0.00 0 0 0
AWS Since Logging Started 971N/A 0.17 3.06 0 84 0
AWS Normalized Since Logging Started 971N/A 0.17 3.06 0 84 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 23N/A 0.00 0.00 0 0 0
AWS This Year 62N/A 0.00 0.00 0 0 0
AWS Since Logging Started 963N/A 6.30 15.69 0 172 0
AWS Normalized Since Logging Started 963N/A 6.30 15.69 0 172 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 23N/A 0.00 0.00 0 0 0
AWS This Year 62N/A 0.00 0.00 0 0 0
AWS Since Logging Started 963N/A 0.18 3.07 0 84 0
AWS Normalized Since Logging Started 963N/A 0.18 3.07 0 84 0

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2